— Short rules statement
 
You’re not entitled to use our services for malicious intents like: 
  • Spamming
  • Harrassing
  • Hate seeding and xenophoby/racism promoting activities and discussions
  • Promoting, discussing or sharing of illegal sexual material
  • Illegal sharing of copyrighted material
  • Phishing, Scamming and other ill intented activities
  • Any Denial of Servicing
  • Use this service as “carrier for” or “intermediate to” cheat bots, and/or other game cheating activities


Regarding the use of Disposable E-Mail Addresses to register to the service:

  • Furthermore you’re NOT entitled to use a DEA to register to our services. Throw-away addresses are mainly used for malicious intents and most of these services simply let the messages being web harvested, which is UNACCEPTABLE. Periodically we review registrations and seek for Throw-away E-Mail providers (which aren’t catched by our DEA filter), if found, the accounts will be assumed, no matter what, as ToS breaching without the possibility of an appeal.


Failing to comply to every of the above will result in a breach of the terms of service and the immediate account GDPR erasure and disabilitation.

 

— Regarding privacy

Logging, data retention:

  • We do not monitor data content (e.g. message content) passing through our services.
  • For the nature of the Matrix Protocol, every type of chat works like group chat, so a “room” entity is created to store the ineherent data and metadata, the information is then replicated coherently over all the HomeServers partecipating in the discussion so it’s actually impossible to guarantee the usage of that once it’s replicated to a 3rd party HomeServer.
  • We offer a STUN/TURN relay service to facilitate traversal of NATs for Audio / Video conferencing via Jingle or WebRTC, data that is relayed may be passed to 3rd parties which are beyond the bundaries of this service which means we’re unable to guarantee the safety or usage of the mentioned data when it transits away from our systems.
  • Frontend Servers do log the IP address of all systems communicating before routing requests internally in our network.


Service actions upon registration:

  • Upon registration the account will be added to our main community spaces and joined to our helpdesk (#helpdesk:aria-net.org) and lobby (#lighthouse:aria-net.org) rooms. You’re entirely free to remove it from either or also part any of our spaces right after, this is not ultimately a privacy focused or driven service when you’re registering to this Matrix HomeServer it’s implied you intend to join its community. This “exposure” is also an explicit deterrent against misusing our services.


Push Notifications, data processing and disclosure
:

  • We offer additional services, like bridges, that cross our own service jurisdiction boundary, by doing so the user implicitly consent the treatment of their data to the 3rd party they transit to and also it will cause personal data and metadata pertaining to the remote platform (e.g. your contacts) to be stored on our systems.
  • PUSH notifications are handled in conformance to the Matrix.org spec, and in the case the client used is a Mobile one will allow the Metadata to be relayed by the application’s push notification server to the Mobile service handling the notification, which changes depending on the operating system on your mobile device (APN for iOS, FCM or GCM in case of Android etc). Which perhaps is already beyond this service boundaries and we can’t be responsible of in the event anything beyond our web client (https://aria.im) is used, please contact your Mobile carrier or Operating System manufacturer for more information.


Direct data disclosure
:

  • Aria Network does use RECAPTCHA to protect the registration form perhaps some anonymous metadata may be disclosed to Google Inc. to verify the registration doesn’t come from some automated software.
  • Aria Network will match the mail address used in the registration against either the NameAPI, QuickEmailVerification or KickBox databases, to verify that the said mail address isn’t a disposable address.
  • Aria Network will not willingly disclose personal data pertaining to its users to any third party, also we don’t require you to provide any information which would make it possible to identificate yourself (Name, Surname, Residence etc.) to register to it, given the exception of the E-Mail address which is verified for legitimacy (as mentioned above) and used to send you the verification token to complete the account registration process.
  • The above statement would partially or not apply in case of abuse or ToS breach as every measure deemed necessary will be taken in order to settle the situation and pursue investigations including disclosure of data to middle parties, involved or to be involved parties and/or recognized authorities, etc.


Third-Party Identifiers (“3PID”) storage within matrix
:

  • Matrix defines other identifiers and addresses used to make a relationship with the account as “3PID”, they can be mail addresses or phone numbers.
  • The server software stores that information within its database in clear format.
  • With our service, as explained later in this document, at least a valid mail address needs to be associated with the account to mantain proper functionality.


Use of the Integrations Manager:

  • Using of the Integrations offered by our Matrix Dimensions instance require the storing of “Scalar” tokens that gets used by the appservice to interact and authenticate with the HomeServer to execute certain actions on behalf of the user.
  • The manager stores configuration data about certain bots (Go-Neb based ones like Wikipedia, Imgur, Giphy, RSS and Travis CI) and widgets.
  • Some other configuration is instead saved directly on the user’s account data stored on the HomeServer.


Opt-out requesting and oblivion rights
:

  • Unfortunately it’s very complicated to actually delete your account from the Matrix, it’s possible to disable that permanently and issue erasion in the form of redaction of all metadata and content data regarding your account from the federated servers.
  • You can be certain that such request will go to full length on our systems, and you can contact us to double check, but we can’t be responsible for what happens on servers beyond ours.


Cookie Policy
:

  • Cookies are used solely for browser session data, internal cluster routing and minor diagnostics of our systems usage by our web frontends, the Element client and our portal software WordPress.
  • All connected sites and web apps don’t have any sort of advertising, and perhaps all the related telemetry.


Passwords safety
:

  • Passwords are stored into the server in hashed format making it way harder for ’em to be decoded or cracked.
  • We do although encourage you to apply basic safety measures to create passwords of decent strength.
  • Our administrators will never ask you for your password/s and or will be able to retrieve ’em on your behalf in case of loss.


— Regarding account validity

  • A valid 3PID (mail address) is required to be associated with your account to properly receive validation tokens.


— Final disclaimers

Aria Network provides its public services, AS IS, without guarantees of sort, we perhaps decline any liability in case of damage or loss derived from their usage. We also reserve the right to suspend either the services, and/or the access to them to any third party, without notice.

By registering and/or using an account, you agree to abide to the above service agreement and consent the eventual treatment of your data and meta data by us or a third party as described (implicitly or explicitly) in this document.